Endpoint Vulnerability Scanning with Cisco ISE
Question
What gives Cisco ISE an option to scan endpoints for vulnerabilities?
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D.B.
https://www.cisco.com/c/en/us/td/docs/security/ise/2-2/admin_guide/b_ise_admin_guide_22/b_ise_admin_guide_22_chapter_010100.htmlThe correct answer is D. Authorization policy.
Cisco Identity Services Engine (ISE) is a network administration product that provides a centralized platform for managing and enforcing security policies across a network. One of its features is the ability to scan endpoints for vulnerabilities.
An authorization policy in ISE is a set of rules that define what a user can do after they have been authenticated. These rules can include things like which network resources the user can access, what level of access they have, and which security policies they must comply with.
To scan endpoints for vulnerabilities, an administrator would create an authorization policy that includes a Posture condition. Posture is a feature in ISE that allows endpoints to be scanned for compliance with a set of predefined security policies.
The Posture condition in the authorization policy can be configured to check for specific vulnerabilities, such as outdated software, missing patches, or insecure configurations. If an endpoint is found to be non-compliant with the defined security policies, it can be placed into a quarantine state or have its network access restricted until the issue is resolved.
In summary, an authorization policy in Cisco ISE can include a Posture condition that allows endpoints to be scanned for vulnerabilities, making it a powerful tool for network security management.
